Information
*Description*
Internet Explorer allows scripts to programmatically open, resize, and reposition various
types of windows. Often, disreputable Web sites resize windows to either hide other
windows or force you to interact with a window that contains malicious code. The
recommended state for this setting is- Enabled.
*Rationale*
The Internet Explorer Processes (Scripted Window Security Restrictions) setting restricts
pop-up windows and does not allow scripts to display windows in which the title and
status bars are not visible to the user or that hide other windows' title and status bars.
When enabled, this policy setting help make it difficult for malicious Web sites to control
your Internet Explorer windows or fool users into clicking the wrong window.
Solution
To implement the recommended configuration state, set the following Group Policy setting
to Enabled.
Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Security Features\Scripted Window Security Restrictions\Internet Explorer
Processes
Impact-If you enable this policy setting, pop-up windows will not display in Windows Explorer and
Internet Explorer processes. If you disable or do not configure this policy setting, scripts
will still be able to create pop-up windows and windows that hide other windows.